CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

79 matches found

Snyk•added 2026/05/13 10:41 a.m.•9 views

Generation of Error Message Containing Sensitive Information

Overview composer/composer is a Dependency Manager for PHP. Composer helps you declare, manage and install dependencies of PHP projects. It ensures you have the right stack everywhere. Affected versions of this package are vulnerable to Generation of Error Message Containing Sensitive Information...

8.6CVSS5.8AI score0.00079EPSS

Exploits0References2

CNNVD•added 2026/04/28 12:0 a.m.•6 views

Vmware Spring gRPC 安全漏洞

Vmware Spring GRPC is an extension component for Spring application development developed by Vmware, which supports GRPC communication. Versions 1.0.0 to 1.0.2 of Vmware Spring GRPC contain security vulnerabilities. These vulnerabilities stem from the fact that the original message of the...

5.3CVSS5.8AI score0.002EPSS

Exploits0References1

Cvelist•added 2026/04/15 6:22 p.m.•22 views

CVE-2026-34244 Weblate: SSRF via Project-Level Machinery Configuration

Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission granted by the per-project "Administration" role can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate...

5CVSS0.0024EPSS

Exploits0References2

NVD•added 2026/01/30 9:15 a.m.•7 views

CVE-2025-1395

Generation of Error Message Containing Sensitive Information vulnerability in Codriapp Innovation and Software Technologies Inc. HeyGarson allows Fuzzing for application mapping. This issue affects HeyGarson: through 30012026. NOTE: The vendor was contacted several times to verifying fixing proce...

8.2CVSS0.00299EPSS

Exploits0References2

RedhatCVE•added 2026/01/26 3:10 p.m.•14 views

CVE-2025-52022

A vulnerability in the PHP backend of gemsloyalty.aptsys.com.sg thru 2025-05-28 allows unauthenticated remote attackers to trigger detailed error messages that disclose internal file paths, code snippets, and stack traces. This occurs when specially crafted HTTP GET/POST requests are sent to publ...

5.3CVSS5.9AI score0.00415EPSS

Exploits0References1

Cvelist•added 2026/01/23 12:0 a.m.•21 views

CVE-2025-52022

0.00415EPSS

Exploits0References2

RedhatCVE•added 2026/01/14 6:22 p.m.•4 views

CVE-2026-20838

Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally...

5.5CVSS6.4AI score0.00633EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:12 a.m.•4 views

CVE-2022-0079

showdoc is vulnerable to Generation of Error Message Containing Sensitive Information...

5.3CVSS6.8AI score0.00969EPSS

Exploits1References1

RedhatCVE•added 2025/12/12 11:7 p.m.•4 views

CVE-2025-66452

LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, there is no handler for JSON parsing errors; SyntaxError from express.json includes user input in the error message, which gets reflected in responses. User input including HTML/JavaScript can be exposed in error...

6.1CVSS6.2AI score0.00181EPSS

Exploits1References1